b1aa4cbb72ea5eb72797dd60f06f0fa752bcd4ae2769a68621e9491b3f049b84 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2861c16603542d321ef849555bddc786_JaffaCakes118
Size

64KB
Sample

241009-br7gsasdra
MD5

2861c16603542d321ef849555bddc786
SHA1

8257a6fa9b8dcca54d5f5623e4d61b3aedf83a8d
SHA256

b1aa4cbb72ea5eb72797dd60f06f0fa752bcd4ae2769a68621e9491b3f049b84
SHA512

b4a270d5c8bbc8986f79ca0c59a99d95d68622c96ae6ba8d2ac70c4f1da902ca67fbb4ca1d232d938c3eba1d1a7b44f8135f411b13d4317de88c3b160cce2194
SSDEEP

1536:/QQvLCXkmPtQkmulB45htI6JFh3b2qSEH+nmwm:oQzCUZhntbDh

Score

7^/10

discovery persistence

Malware Config

Targets

- Target
  
  2861c16603542d321ef849555bddc786_JaffaCakes118
- Size
  
  64KB
- MD5
  
  2861c16603542d321ef849555bddc786
- SHA1
  
  8257a6fa9b8dcca54d5f5623e4d61b3aedf83a8d
- SHA256
  
  b1aa4cbb72ea5eb72797dd60f06f0fa752bcd4ae2769a68621e9491b3f049b84
- SHA512
  
  b4a270d5c8bbc8986f79ca0c59a99d95d68622c96ae6ba8d2ac70c4f1da902ca67fbb4ca1d232d938c3eba1d1a7b44f8135f411b13d4317de88c3b160cce2194
- SSDEEP
  
  1536:/QQvLCXkmPtQkmulB45htI6JFh3b2qSEH+nmwm:oQzCUZhntbDh
Score

7^/10

persistence discovery
- Boot or Logon Autostart Execution: Print Processors
  Adversaries may abuse print processors to run malicious DLLs during system boot for persistence and/or privilege escalation.
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Print Processors

Privilege Escalation

Boot or Logon Autostart Execution

Print Processors

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2